Including "Internal Rules" as Controlled Documents in a QMS

[Uriel Alejandro]

Hi everyone,

Currently I´m starring a new process of ISO 9001:2015 certification on an old big company with no reference of any Quality Standard Certification. They had plenty of documented information with big opportunity areas in document control.

When I took this job my first self-assigned mission was to purge all documentation and define a structure for documents. For the last part, I went to the basics: (Manuals>Procedures>WI´s>Forms), and later, I had to add "Policies" to the hierarchy (Kind of against my will), because Director Board were to attached to those type documents.

Currently I´m working with the security department and they provide me a new kind of document that they wanted to be controlled: Internal rules (e.g. Rules for visitors, Rules for the color code of PPE, Rules of truck drivers delivering merchandise, etc).

I´m sure those documents are no required by the standard and almost sure they are more the "nice to have" type, so I would like to see some opinions.
I rather not to make our document hierarchy bigger, but try to find a way to include them.

Do you have some experience controlling this kind of documents?

Thanks in advance for your advices.

 

[harry]

.............. Currently I´m working with the security department and they provide me a new kind of document that they wanted to be controlled: Internal rules (e.g. Rules for visitors, Rules for the color code of PPE, Rules of truck drivers delivering merchandise, etc). ..........

But these are the daily duties of the security department isn't? It is therefore their procedures or sop (depending on your choice of word). Why shouldn't it be included?

 

[Uriel Alejandro]

But these are the daily duties of the security department isn't? It is therefore their procedures or sop (depending on your choice of word). Why shouldn't it be included?

Yes, It´s part of their duties. In fact they have a documented procedure describing the roles and responsabilities of it. My idea it´s to include these rules as an appendix to their procedure. They want it to be separed as a new kind of document but I rather not to modify the document hierarchy (rules are not in the piramid and they are the only ones requiring it).

I know there are no rules to do it (and both ways are valid), I just wanted to know how other people do it, just for reference

 

[QAMTY]

two points.


strictly, should not be a reason for not to include them into the system because they are not considered into the pyramid. morover, those documents are included in the procedures.


Additionally, it is better to manage them separately, it easier the management of documents (editing, revision, tracking.)

Hope this helps

 

[Uriel Alejandro]

two points.


strictly, should not be a reason for not to include them into the system because they are not considered into the pyramid. morover, those documents are included in the procedures.


Additionally, it is better to manage them separately, it easier the management of documents (editing, revision, tracking.)

Hope this helps

Yes, I dont want to exclude them. I just wanted to figure out the most practical way to manage them.

I´m agree with you about your point of documents management. It´s definetly a big to consider.

Thank you for your advices

 

[Ninja]

Currently I´m working with the security department and they provide me a new kind of document that they wanted to be controlled: Internal rules (e.g. Rules for visitors, Rules for the color code of PPE, Rules of truck drivers delivering merchandise, etc).

From my line of thought...if all visitors have rules, then this is a company policy put in place by security.

If all PPE must conform to certain color standards, and PPE not conforming is taken away...this is a company policy.

Give security/EHS/whatever they are called their own sub-series within Corporate Policy. They get what they want, you get to keep your Document Hierarchy that you want.

 

[Uriel Alejandro]

From my line of thought...if all visitors have rules, then this is a company policy put in place by security.

If all PPE must conform to certain color standards, and PPE not conforming is taken away...this is a company policy.

Give security/EHS/whatever they are called their own sub-series within Corporate Policy. They get what they want, you get to keep your Document Hierarchy that you want.

Yeah, It´s a good idea, it might solve my dilemma. Now I think about it, the redaction of those documents fit with the description of a policy.

Thank you very much for your advice

 

[Kronos147]

Rather than introduce 'our' documentation pyramid to an existing culture, perhaps structure the new QMS around the way of thinking. Policies become 'procedures', for example. Just adopt to their terms.

As to two levels of doc control, it could be more effort. It could also lead to problems if one doesn't meet all the requirements of clause 7.5.

Food for thought.